June 13, 2016 | Cybersecurity for the Small Enterprise

Cybersecurity for the Small Enterprise

Ameri-X-Guard Inc. | June 13, 2016

No one is immune to cyberattacks, and no single government agency, company, organization, or individual can solve our growing cybersecurity challenges. We have to work together to secure ourselves in cyberspace. 1

So what’s a small enterprise to do?

Do Something!

  • “The biggest risk facing an SMB manager is inaction. Ignoring cybercrime does not make it go away and places the business in jeopardy. Protective actions against cybercrime are now more important than the locks on a store’s front door.”2
  • “Failure to put an electronic protection plan in place appropriate to the SMB’s size and business model is equivalent to leaving the front door wide open with a pile of cash in plain sight. Don’t let that cash get away: put it under lock and key.” 2

Do Your Part!

  • Small Enterprises can secure employee and customer/patron loyalty by promoting security best-practices. 1
  • The losses resulting from cybercrime can severely damage any enterprise. These damages can far outweigh the costs associated with implementing a diligent security program. 1
  • By implementing a prudent security program that involves both technical controls and cultural adjustments, small enterprises can protect themselves and their customers/patrons from cybercrime. 1
  • Implementing a cost-effective cybersecurity program can also go a long way in demonstrating legal “due diligence” in case of litigation in the aftermath of a cyberattack.1

Get Expert Advice!

  • Identify Vulnerabilities & Assess Risks – Understand your enterprise, your users, your endpoints, your data, and how these are protected. Scan your enterprise on a periodic basis and categorize vulnerabilities. 3
    • Keep an accurate hardware inventory. 3
    • Keep an accurate software inventory. 3
  • Establish Security Policies – Establish security policies and practices to protect your organization’s sensitive data as well as your employees, customers, and other stakeholders. Remember legal “due diligence.” Harden all systems. De-install any software confirmed as unneeded. 3
    • Control administrative access. 3
    • Develop and manage secure configurations for all devices. 3
  • Automate & Remediate – Automate cyber defenses to the extent cost-effective, especially endpoints, network access points, and websites. Automatically update all necessary software on all computers. 3
    • Automate endpoint defenses. 3
    • Remediate vulnerabilities quickly. 3
  • Back Up Critical Data – Establish a schedule to perform backups to ensure that critical data is not lost in the event of a cyberattack or natural disaster. Store backups in secure, remote locations away from the office, and encrypt sensitive data. Invest in data protection as needed and use two-factor authentication where possible. 1
  • Develop a Plan – No matter how obscure you think your enterprise, you should expect to be attacked. Continuity/Recovery planning mitigates risks from disaster, and not just cyber-related, but also natural, man-made, and technological. Plan and prepare to continue critical business functions. 1
  • Educate & Train Employees – Make sure that employees are routinely educated about cyber threats and are well-versed in the policies and procedures that protect your enterprise. Hold all employees accountable for enterprise security policies and procedures. 1

Go ahead, the first consultation is free!

Let’s get started!

1 Department of Homeland Security. Stop.Think.Connect Campaign. 2016. https://www.dhs.gov/stopthinkconnect.

2 Tittel, Ed & Janson, Chris. 5 costly consequences of SMB cybercrime. April 13, 2015. http://www.cio.com/article/2908864/security0/5-costly-consequences-of-smb-cybercrime.html.

3 Cole, Dr. Eric. Six Steps to Stronger Security for SMBs. June 2015. https://www.sans.org/reading-room/whitepapers/analyst/steps-stronger-security-smbs-36037.

Comments are closed.